Main Page Forum Ringtones SMS Messages Games Free Downloads Contact UsTelepk Map
Make This Page Your Home Page Make TelePK.Com Your Favorite Website Telepk Header
IP: 38.107.191.85 COUNTRY: FLAG:
Mobile Zone
  1. PTCL TelePhone Directory
  2. SMS Messages
  3. SmS Jokes
  4. Sms Dictionary
  5. Memory Card Rates
  6. Mobile Phones
  7. Mobile Phone Articles
  8. Mobile Tutorials
  9. Mobile Games
  10. Mobile Wallpapers
  11. Secret Codes
  12. Ring Tones
  13. Web To SmS
  14. Telecom Reviews
  15. SMS Worldwide

Sponsored Ads

Entertainment
  1. Islam
  2. Listen Radio Live
  3. Watch TV Channels
  4. Elections
  5. Home Decoration
  6. Beauty And Health
  7. Tech News
  8. Kitchen
  9. Greeting Cards
  10. Animation
  11. Messenger Zone
  12. Online Chat
  13. Articles
  14. Downloads
  15. City Codes
  16. Computer
  17. Know Your Heart
  18. Palmistry
  19. Myspace
  20. Make Money
  21. World News
  22. Map Guide
  23. Eid Day
  24. Pakistan
  25. Pakistani Singers
  26. Personalities
  27. Emergency No.s
  28. Funny Jokes
  29. Finance
  30. Flights
  31. Funny Pictures
  32. Kids
  33. Songs
  34. Sports Online
  35. Spotlight
  36. Student Visa
  37. Education
  38. Online Games
  39. Study Abroad
  40. Tutorials
  41. Immigration
  42. Internet
  43. Urdu
  44. Weather Status
  45. Webmaster Tools
  46. Valentine Day
  47. Video Clips
  48. Videos

Sponsored Ads

Search Engine

Latest Updates!

Please fill out the form below to get notified whenever telepk.com will be update.
Name:
Email:

Active Visitors
  1. 290

Sponsored Links



Play Game

Play Game
Microsoft Caves to Users on Windows 7 Security

Windows 7's vaunted security is flawed. The good news is that, despite initial responses denying it, Microsoft announced today that it plans to deliver a comprehensive fix soon.

After a week of denying that the default setting for Windows 7's User Account Control (UAC) is too easy to compromise and could lead to malware disabling the very mechanism that's meant to keep users safe from attacks, Microsoft (NASDAQ: MSFT) Thursday caved in to users' demands.

If not fixed, many observers had said in their harangues, the issue could turn out to be Windows 7's Achilles' heel. In fact, Microsoft claimed as recently as early in the day on Thursday that Windows 7's UAC default settings are not flawed at all, but rather constitute a feature created "by design."

Further, the company argued, an attack program would already have to be installed on the user's PC in order to exploit the two holes in UAC found by third-party developers, a Microsoft executive insists. For that to happen, Microsoft asserts, the user would need to click to allow a malware download to the user's PC in the first place.

A few hours later, things changed. "We are going to deliver two changes to the [Windows 7] Release Candidate that we'll all see. First, the UAC control panel will run in a high integrity process, which requires elevation …. Second, changing the level of the UAC will also prompt for confirmation," said a joint posting on the Engineering Windows 7 blog Thursday afternoon.

The post was co-signed by Steven Sinofsky, senior vice president of Windows and Windows Live Engineering, and Jon DeVaan, senior vice president of the Windows Core Operating System Division.

Windows 7 is currently in beta test and is in the hands of literally millions of users. The system has largely gotten rave reviews, including one group of hardcore fans that have started an online petition demanding the beta be terminated now and the software released immediately.

Microsoft continues to maintain Windows 7 will ship in the first quarter of 2010. In actuality, however, Windows 7 is expected to reach the release candidate stage of testing – the last testing step before commercial release – by the end of April. That's when the changes to UAC will be added.

Observers still differ on their bets as to when Windows 7 will actually be released – with estimates running from early June to late summer – but it will most certainly be available for the Christmas sales season, barring any showstopper bugs turning up between now and then.

A familiar headache
UAC is not new. It debuted with Windows Vista as a way to double check that changes to the operating system – such as installing new programs – are done under the auspices of high-quality security, including passwords that must be keyed in before such an installation proceeds.

While Vista's UAC got high marks for security, it was too disruptive for many users. In fact, many users became so frustrated with the constant dialog boxes and prompts popping up, asking for a password before continuing, that they simply disabled UAC altogether, thus defeating UAC's purpose.

With Windows 7, Microsoft changed the defaults for UAC at what it insists was users' request. The current default in Windows 7 is to notify the user and ask for permission to download a file or install a program only if that action is triggered by a script, but not if the user is clearly interacting with Windows 7 him or herself. This lessens the number of prompts that the user needs to respond to, but makes a tradeoff on the quality of Windows 7's security.

However, what if an attacker could write a script that did a good job of pretending to be a human keying in changes – such as turning off UAC or elevating the script's user rights? That's the rub.

The problems were initially publicized late last week by several blogger developers, including Rafael Rivera and Long Zheng. The second problem, the ability for a script to upgrade its user rights to a higher administrative level, surfaced earlier this week.

"A change to User Account Control (UAC) in Windows 7 (beta) to make it 'less annoying' inadvertently clears the path for a simple but ingenious override that renders UAC disabled without user interaction," said a post on Zheng's blog.

Microsoft officials, meanwhile, insisted that the problems were overblown. "Microsoft’s position that the reports about UAC do not constitute a vulnerability is because the reports have not shown a way for malware to get onto the machine in the first place without express consent [of the user]," said a blog post by DeVaan earlier Thursday [February 5].

A lot can change in just a few hours, though, as the later joint posting reveals.

"The feedback is that UAC is special, because it can be used to disable silently future warnings if that change is not elevated and so to change the UAC setting an elevation will be required," reads the late afternoon joint post.

Just dump administrator access?

Of course, one thing to do is to take advantage of other Windows security features to mitigate the problems. For instance, security management firm BeyondTrust published a report on Tuesday stating that its research shows that 92 percent of "critical Microsoft vulnerabilities" can be ameliorated by simply eliminating administrators' rights from users' systems.

That could be annoying for both corporate and consumer users, however, and defeats one of UAC's goals, which is to reduce demands on administrators' time and enable users to perform some of their own security tasks. For consumers, it means logging off their user accounts, logging into separate administrator's accounts and performing the needed tasks, then logging back in as users.

One leading security expert says that he thinks Microsoft's heart is in the right spot.

"What they're trying to do is improve the usability of UAC," Johannes Ulrich, chief research officer for the SANS Internet Storm Center, If it frustrates the users, they'll just turn it off."

Perhaps one thing that got Microsoft executives' attention was the fact that Long Zheng and Rivera, as well as others, posted proof-of-concept code to disable UAC in Windows 7. Additionally, they also posted a homegrown fix for both holes.

The Internet Storm Center's Ulrich says there will always be tradeoffs between protecting users and allowing them to have more control of their systems.

"What it would really take is a completely new operating system, but for Windows 7 this is the best you can expect," Ulrich added.



<<< Back


Send this page to a friend


   
Play Games
Most Viewed Services:
  1. Free TV
  2. Watch GEO News
  3. Watch Disney TV USA
  4. AIM Away Messages
  5. AIM Buddy Icons
  6. BBQ Recipes
  7. Burger Recipes
  8. Fruit Salad Recipes
  9. Funny Pictures
  10. Spider-Man
  11. Spider-Man The Film
  12. Spider-Man Wallpapers
  13. Family
  14. Family Fun
  15. Windows Live Messenger
  16. Easter E-Cards
  17. 2008 Festivals
  18. Christian Festivals
  19. Msn Display Pictures
  20. Yahoo Avatars
  21. Myspace
  22. Nokia 5700
  23. Nokia 5070
  24. Bob Woolmer
  25. SMS Messages
  26. SMS Jokes
  27. Animals
  28. Apple
  29. Bikes
  30. Zong
  31. World
  32. Cars
  33. Celebrity
  34. Facebook
  35. Ali Lohan
  36. Computer
  37. Finance
  38. Fitness
  39. Shoes
  40. New Homes
  41. MSN Web Messenger
  42. Download MSN Messenger
  43. Download Latest Msn Messenger
  44. Multi MSN
  45. Download Multi MSN
  46. MSN Emoticon
  47. MSN Nick Name
  48. MSN Screen Names
  49. MSN Nick
  50. MSN Names
  51. Cool MSN Emoticon
  52. Urdu
  53. Urdu Jokes
  54. Urdu Dictionary
  55. Urdu Poetry
  56. Automobile
  57. Cars
  58. New Cars
  59. Food
  60. Kitchen
  61. Cell Phone
  62. Free Mobile Game
  63. Free Mobile Wallpapers
  64. Mobile Phone Secret Code
  65. Free Web SMS
  66. Free Worldwide Sms
  67. Islam Way
  68. Home Interior Decoration
  69. Health And Beauty Tip
  70. Latest Tech News
  71. Kitchen Remodeling
  72. Free E Greeting Card
  73. Know Heart
  74. Palmistry Line
  75. Make Money Online
  76. Myspace HTML Codes
  77. Myspace Toolbox
  78. Toyota RAV4
  79. Nokia Cell Phone
  80. Sony Ericsson Cell Phone
  81. Blackberry Phone
  1. Funny Joke
  2. MSN Avatars
  3. MSN Smileys
  4. MSN Display Pics
  5. MSN Display Pictures
  6. Pakistan Cricket Team
  7. Spicy Food
  8. Health Food
  9. Pakistan
  10. AOL Block Checker
  11. Urdu News
  12. Yahoo Web Messenger
  13. Download Yahoo Messenger
  14. Download Latest Messenger Version Yahoo
  15. Multi Yahoo Messenger
  16. Download Multi Yahoo Messenger
  17. Yahoo Emoticon
  18. Yahoo Hidden Emoticon
  19. Yahoo Avatars
  20. Yahoo Display Pictures
  21. Yahoo Animated Avatars
  22. Yahoo Smileys
  23. Free Cooking Recipe
  24. Hindu Festivals
  25. Sikh Festivals
  26. March Madness
  27. Tutorials
  28. Article of Mobile Phone
  29. Abrar Ul Haq
  30. Zong Sms
  31. Internet
  32. Better Homes
  33. Home
  34. Pets
  35. Forex
  36. Real Estate
  37. Science
  38. Stock Exchange
  39. WWE
  40. Information
  41. Football
  42. Flights
  43. Cricket News
  44. Latest World News
  45. Personality
  46. Emergency Phone Numbers
  47. Family Kid
  48. Online Spotlight
  49. Student Visa
  50. Download Online Game
  51. Study Abroad
  52. Immigration Law
  53. College University
  54. Web Master Tool
  55. Weather Report
  56. Funny Video Clips
  57. Funny SMS Joke
  58. Urdu SMS
  59. New Year SMS Joke
  60. Free SMS Joke
  61. AIM Block Checker
  62. City Code
  63. Find Article
  64. Dual Sim T500
  65. Asus P535
  66. Asus Cell Phone
  67. Sky Scrappers
  68. Funny Jokes
  69. History of Pakistan
  70. Government of Pakistan
  71. Lahore Resolution
  72. English Chat
  73. Online Chat Rooms
  74. Computer Wallpaper
  75. Software Downloads
  76. Samsung i710
  77. Ali Zafar
  78. Atif Aslam


More Resources...

Add Your Link : Partners

© All Rights Reserved : Pakistan : Privacy Policy : Disclaimer : Advertise with us : Sitemaps : 1, 2, 3, 4, 5